The logical-probabilistic model for assessing the information security assessing of the critical information infrastructure subject under destructive influences

Abstract

Security of the subject of critical information infrastructure (SCII) is one of the key issues of our time at the international level. One of the guarantors of stability and information security of society and the state as a whole is the reliability of the SCII functioning. The currently existing methods and models for assessing reliability, as applied to CII, are considered without taking into account the factor of influence of the offender, which can have a destructive effect on the subject of CII. This leads to significant errors in the analysis of the information security of the subject of CII, therefore, reduces the effectiveness of the information protection means declared for CII objects.The proposed logical-probabilistic model is associated with the use of the specifics of the regulatory and legal framework in the field of SCII safety; structured detailing of the CII subject, taking into account the specifics of the subject; stages of the life cycle of the SCII information protection system; highlighted destructive malicious influences of an infrastructural nature; interrelationships of the selected destructs with a number of vulnerabilities on CII objects. The model takes into account physical, physicochemical, chemical, biological, operational factors of threat realization as factors affecting the decrease in the reliability of the functioning of the CII subject. The assessment of reliability indicators is carried out taking into account the characteristics of recoverable and non-recoverable objects, backup methods. The model allows you to assess the reliability of the subject of CII as an integrative characteristic, which is an indicator of the assessment of information security.